VMware vSphere

 View Only

  • 1.  ESXi OpenSLP remote code execution vulnerability (CVE-2020-3992)

    Posted Mar 10, 2021 10:47 AM

     

    Hi all,

    How to fix this Vulnerability , Below are the ESXI version and build currently they are running on . SO now to fix this which patch i need to install to my esxi hosts. Kindly suggest me.

     

    VMware ESXi 6.5.0 build-13635690

     

    VMware ESXi 6.5.0 build-15177306
    VMware ESXi 6.5.0 build-10884925
    VMware ESXi 6.5.0 build-10719125
    VMware ESXi 6.5.0 build-10175896
    VMware ESXi 6.5.0 build-16576891
    VMware ESXi 6.5.0 build-4564106
    VMware ESXi 6.5.0 build-6765664
    VMware ESXi 6.5.0 build-7388607
    VMware ESXi 6.5.0 build-8294253

    VMware ESXi 6.5.0 build-15256549



  • 2.  RE: ESXi OpenSLP remote code execution vulnerability (CVE-2020-3992)

    Posted Mar 12, 2021 07:49 AM

    According to the advisory (https://www.vmware.com/security/advisories/VMSA-2020-0023.html), ESXi650-202011401-SG is the fixed version. That would be ESXi650-202011001 with build number 17097218. But the latest patch is ESXi650-202102001 with build number 17477841. Go to https://my.vmware.com/group/vmware/patch#search to download this latest patch.